dcsimg

SonicWALL Internet Threat Prevention Provides Protection Against New BadBunny-A Worm

SUNNYVALE, Calif., May 24 /PRNewswire-FirstCall/ -- SonicWALL, Inc. (Nasdaq: SNWL), a leading provider of network, Web, email security and backup and recovery solutions, announced today that its Unified Threat Management (UTM) technology has distributed defensive measures to its customers against the newly-discovered BadBunny-A worm, which targets OpenOffice Software running on several different operating systems. SonicWALL first issued signatures designed to protect subscribers to its dynamic threat prevention services against exploits of this worm on Tuesday, May 22.

SUNNYVALE, Calif., May 24 /PRNewswire-FirstCall/ — SonicWALL, Inc. (Nasdaq: SNWL), a leading provider of network, Web, email security and backup and recovery solutions, announced today that its Unified Threat Management (UTM) technology has distributed defensive measures to its customers against the newly-discovered BadBunny-A worm, which targets OpenOffice Software running on several different operating systems. SonicWALL first issued signatures designed to protect subscribers to its dynamic threat prevention services against exploits of this worm on Tuesday, May 22.

The BadBunny-A macro worm targets the Open Source office package OpenOffice, running on Windows, Mac and Linux operating systems. The malware uses StarBasic scripting language that also drops scripts into other languages, to download and display an indecent JPEG image of a man wearing a bunny suit. Computers become infected when users open an OpenOffice Draw file titled badbunny.odg.

Depending on the target's operating system, a macro included in the file performs different functions. Within a Windows operating system, the worm drops a file called drop.bad which is moved to the system.ini in the mIRC folder. Within windows the macro will also drop and execute badbunny.js, a java script virus that replicates to other files in the folder. In Mac OS, the worm drops one of two Ruby script viruses in either files badbunny.rb or badbunnya.rb. The worm drops a badbunny.py as an XChat script and a badbunny.pl, a tiny Perl virus infecting other Perl files within Linux operating systems. The dropped XChat and mIRC scripts are used to replicate and distribute the virus and initiates DCC transfers to others of the original badbunny.odg OpenOffice file.

It seems that intention behind the BadBunny worm is to show that multiple platforms can be infected by exploiting macro features in OpenOffice, and does not appear to be financially motivated.

Users of SonicWALL's dynamic threat prevention services are currently protected by these main signatures:

BadBunny.A (Worm) BadBunny.A#enc (Worm)

SonicWALL has developed unique technologies to deliver gateway anti-virus, anti-spyware and intrusion prevention signatures to its subscribers on a continual basis, allowing them to defend against worms like BadBunny-A as well as attacks and exploits such as phishing, viruses, DHA or DoS attacks and more.

Further information on these and other vulnerabilities is available at: http://software.sonicwall.com/applications/ips/index.asp?ev=sig&sigid=2034 https://www.mysonicwall.com/SonicAlert/index.asp?ev=article&id=27

About SonicWALL, Inc.

Founded in 1991, SonicWALL, Inc. designs, develops and manufactures comprehensive network security, email security, secure remote access, and backup and recovery solutions. SonicWALL is headquartered in Sunnyvale, California and trades on the NASDAQ under the symbol SNWL. For more information, contact SonicWALL at +1 (408) 745-9600 or visit the company web site at http://www.sonicwall.com/.

Safe Harbor Regarding Forward-Looking Statements

Certain statements in this press release are "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. The forward-looking statements include but are not limited to statements regarding our ability to deliver gateway anti-virus, anti-spyware and intrusion prevention signatures on a continual basis, our ability to defend against new and existing Internet attacks and exploits and our ability to update signatures as exploits are discovered. These forward-looking statements are based on the opinions and estimates of management at the time the statements are made and are subject to certain risks and uncertainties that could cause actual results to differ materially from those anticipated in the forward-looking statements. In addition, please see the "Risk Factors" described in our Securities and Exchange Commission filings, including our Annual Report on Form 10-K for the year ended December 31, 2006, for a more detailed description of the risks facing our business. All forward-looking statements included in this release are based upon information available to SonicWALL as of the date of the release, and we assume no obligation to update any such forward-looking statement. All forward-looking statements included in this release are based upon information available to SonicWALL as of the date of the release, and we assume no obligation to update any such forward-looking statement.

NOTE: SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.

SOURCE SonicWALL, Inc.

Comments are closed.